Use network objects to reference networks, IP addresses, or interfaces when you create access rules. A network object can also include other existing network objects.
Using network objects instead of explicit IP addresses simplifies access rule management. For example, if an IP address changes, you do not have to edit it in every rule that references it; you only need to change the IP address in the network object. The IP address is then automatically updated for every rule that references the network object.
Create a Custom Network Object
Before you begin, list the network addresses and ports that you want to add to the network object.
To create the network object:
- Go to the FIREWALL > Network Objects page.
- In the Custom Network Objects section, click Add Network Object. The Add Network Object window opens.
- Enter a Name for the network object.
- In the Include Entries section, either select existing network objects to add or explicitly define the network that you want to add and then click the plus sign (+). You can add multiple entries. To explicitly specify an IP address, enter it in the Network Address field and then click the plus sign (+). If applicable, you can also specify the MAC Address and Interface.
- For any IP addresses and interfaces that must be excluded from the network object, add them to the Exclude Entries section.
- Click Save. The custom network object then appears in the Custom Network Objects section.
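To review what a nested object with Include and Exclude entries actually covers before you reference it in an access rule, the following added example (not product code and not the firewall's own evaluation logic) models objects as plain dictionaries and computes their effective networks. It assumes that a referenced object contributes its own includes minus its own excludes; the object names and addresses are constructed.

```python
import ipaddress

# Constructed sample data: object names and addresses are illustrative only.
OBJECTS = {
    "DB-Servers": {"include": ["10.0.10.0/24"], "exclude": ["10.0.10.250"]},
    "Internal": {"include": ["DB-Servers", "10.0.20.0/24"],
                 "exclude": ["10.0.20.128/25"]},
}

def resolve(name, objects, seen=()):
    """Return the effective networks of an object: includes minus excludes."""
    if name in seen:
        raise ValueError("circular reference: " + " -> ".join(seen + (name,)))
    obj = objects[name]
    nets = []
    for entry in obj["include"]:
        if entry in objects:  # reference to another network object
            nets.extend(resolve(entry, objects, seen + (name,)))
        else:                 # explicit address or network
            nets.append(ipaddress.ip_network(entry, strict=False))
    for entry in obj.get("exclude", []):
        ex = ipaddress.ip_network(entry, strict=False)
        kept = []
        for net in nets:
            if net.version != ex.version or not net.overlaps(ex):
                kept.append(net)                      # untouched by this exclusion
            elif not ex.supernet_of(net):
                kept.extend(net.address_exclude(ex))  # carve the excluded range out
            # else: the exclusion covers the whole network, so drop it
        nets = kept
    merged = []
    for version in (4, 6):  # collapse_addresses() rejects mixed IP versions
        merged += ipaddress.collapse_addresses(n for n in nets if n.version == version)
    return merged

def contains(name, address, objects):
    """True if the address falls inside the object's effective networks."""
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in resolve(name, objects))

if __name__ == "__main__":
    for net in resolve("Internal", OBJECTS):
        print(net)
    print(contains("Internal", "10.0.10.250", OBJECTS))
```

Because "Internal" references "DB-Servers" by name, changing the address in "DB-Servers" changes what "Internal" resolves to without editing "Internal" itself.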
Edit a Custom Network Object
To edit a custom network object:
- Go to the FIREWALL > Network Objects page.
- In the Custom Network Objects section, click the edit symbol for the custom network object that you want to edit.
- In the Edit Network Object window, edit the settings for the object.
- Click Save.
Delete a Custom Network Object
To delete a custom network object:
- Go to the FIREWALL > Network Objects page.
- In the Custom Network Objects section, click the trash can icon for the custom network object that you want to delete.
- Click OK to confirm.